Vulnerabilities > CVE-2009-1959 - Numeric Errors vulnerability in Irssi 0.8.13
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
PARTIAL Summary
Off-by-one error in the event_wallops function in fe-common/irc/fe-events.c in irssi 0.8.13 allows remote IRC servers to cause a denial of service (crash) via an empty command, which triggers a one-byte buffer under-read and a one-byte buffer underflow.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Common Weakness Enumeration (CWE)
Exploit-Db
| description | Irssi 0.8.13 'WALLOPS' Message Off By One Heap Memory Corruption Vulnerability. CVE-2009-1959. Dos exploit for linux platform |
| id | EDB-ID:33041 |
| last seen | 2016-02-03 |
| modified | 2009-05-15 |
| published | 2009-05-15 |
| reporter | nemo |
| source | https://www.exploit-db.com/download/33041/ |
| title | Irssi <= 0.8.13 - 'WALLOPS' Message Off By One Heap Memory Corruption Vulnerability |
Nessus
NASL family Gentoo Local Security Checks NASL id GENTOO_GLSA-200909-13.NASL description The remote host is affected by the vulnerability described in GLSA-200909-13 (irssi: Execution of arbitrary code) Nemo discovered an off-by-one error leading to a heap overflow in irssi last seen 2020-06-01 modified 2020-06-02 plugin id 40960 published 2009-09-14 reporter This script is Copyright (C) 2009-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/40960 title GLSA-200909-13 : irssi: Execution of arbitrary code NASL family Fedora Local Security Checks NASL id FEDORA_2009-7012.NASL description - Tue Jun 23 2009 Huzaifa Sidhpurwala <huzaifas at redhat.com> - 0.8.13-3 - Resolve CVE-2009-1959 - Fri May 1 2009 Marek Mahut <mmahut at fedoraproject.org> - 0.8.13-1 - Upstream release Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 40474 published 2009-08-04 reporter This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/40474 title Fedora 11 : irssi-0.8.13-3.fc11 (2009-7012) NASL family SuSE Local Security Checks NASL id SUSE_11_0_IRSSI-090615.NASL description Fixed a irssi off by one overflow in the event_wallops() function. CVE-2009-1959 has been assigned to this issue. last seen 2020-06-01 modified 2020-06-02 plugin id 39994 published 2009-07-21 reporter This script is Copyright (C) 2009-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/39994 title openSUSE Security Update : irssi (irssi-1004) NASL family Ubuntu Local Security Checks NASL id UBUNTU_USN-800-1.NASL description It was discovered that irssi did not properly check the length of strings when processing WALLOPS messages. If a user connected to an IRC network where an attacker had IRC operator privileges, a remote attacker could cause a denial of service. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 39787 published 2009-07-14 reporter Ubuntu Security Notice (C) 2009-2019 Canonical, Inc. / NASL script (C) 2009-2018 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/39787 title Ubuntu 6.06 LTS / 8.04 LTS / 8.10 / 9.04 : irssi vulnerability (USN-800-1) NASL family SuSE Local Security Checks NASL id SUSE_IRSSI-6304.NASL description Fixed a irssi off by one overflow in the event_wallops() function. CVE-2009-1959 has been assigned to this issue. last seen 2020-06-01 modified 2020-06-02 plugin id 39433 published 2009-06-17 reporter This script is Copyright (C) 2009-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/39433 title openSUSE 10 Security Update : irssi (irssi-6304) NASL family Mandriva Local Security Checks NASL id MANDRIVA_MDVSA-2009-133.NASL description A vulnerability has been found and corrected in irssi : Off-by-one error in the event_wallops function in fe-common/irc/fe-events.c in irssi 0.8.13 allows remote IRC servers to cause a denial of service (crash) via an empty command, which triggers a one-byte buffer under-read and a one-byte buffer underflow (CVE-2009-1959). This update provides fixes for this vulnerability. Update : Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers last seen 2020-06-01 modified 2020-06-02 plugin id 39429 published 2009-06-17 reporter This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/39429 title Mandriva Linux Security Advisory : irssi (MDVSA-2009:133-1) NASL family SuSE Local Security Checks NASL id SUSE_11_1_IRSSI-090615.NASL description Fixed a irssi off by one overflow in the event_wallops() function. CVE-2009-1959 has been assigned to this issue. last seen 2020-06-01 modified 2020-06-02 plugin id 40234 published 2009-07-21 reporter This script is Copyright (C) 2009-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/40234 title openSUSE Security Update : irssi (irssi-1004) NASL family Fedora Local Security Checks NASL id FEDORA_2009-7004.NASL description - Tue Jun 23 2009 Huzaifa Sidhpurwala <huzaifas at redhat.com> - 0.8.13-3 - Resolve CVE-2009-1959 - Fri May 1 2009 Marek Mahut <mmahut at fedoraproject.org> - 0.8.13-1 - Upstream release - Wed Feb 25 2009 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 0.8.12-13 - Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild - Sat Jan 17 2009 Tomas Mraz <tmraz at redhat.com> - 0.8.12-12 - rebuild with new openssl Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 40828 published 2009-09-02 reporter This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/40828 title Fedora 10 : irssi-0.8.13-3.fc10 (2009-7004)
References
- http://bugs.irssi.org/index.php?do=details&task_id=662
- http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html
- http://secunia.com/advisories/35685
- http://secunia.com/advisories/35812
- http://secunia.com/advisories/36152
- http://www.irssi.org/ChangeLog
- http://www.mandriva.com/security/advisories?name=MDVSA-2009:133
- http://www.openwall.com/lists/oss-security/2009/05/29/3
- http://www.securityfocus.com/bid/35399
- http://www.securitytracker.com/id?1022410
- http://www.ubuntu.com/usn/usn-800-1
- http://www.vupen.com/english/advisories/2009/1596
- http://xorl.wordpress.com/2009/05/28/irssi-event_wallops-off-by-one-readwrite/
- https://exchange.xforce.ibmcloud.com/vulnerabilities/51184
- https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00146.html